Tyk Gateway v5.2.3

Fixed

• Improved Error Messaging: Enhanced the error messages to specify which type of resource (API keys, certs, OAuth clients) failed to sync from MDCB due to lost connection.
• Fixed a bug which ensures that the Response Body Transform now correctly applies when using Persist GraphQL. Previously when using Persist GraphQL and Body Transform middleware in conjunction, there was a problem with modifying the response correctly.
• We've implemented a backoff limit for GQL subscription connection retry. Previously the Gateway was attempting to reconnect endlessly, with this limit the reconnection attempts will happen in the following intervals: 2s, 4s, 8s, 16s and 32s and after that the Websocket connection will be closed.
• Implemented a tyk version command that provides more details about the Tyk Gateway build. This prints the release version, git commit, Go version used, architecture and other build details. It's used to provide more detailed information when raising support tickets, as well as facilitating some CI automation with the use of --json flag.
• Fixed an issue where the session object generated when creating a Custom Key in a Go Plugin did not inherit parameters correctly from the Security Policy.
• Fixed a minor issue with Go Plugin virtual endpoints where a runtime log error was produced from a request, even if the response was successful. Thanks to @uddmorningsun for spotting this and proposing a fix.
• Fixed a bug where a customer could accidentally provide a Public Key instead of a Certificate to an mTLS request. This would bring down all the Gateways it’s published on, making them unresponsive to any attempt to communicate over HTTPS. Now Tyk will not announce the Public Key during the mTLS handshake.

Tyk Dashboard v5.2.3

Fixed

• Fixed a bug in the Tyk Dashboard API where passing a non-integer value as the pagination query parameter p to the /api/logs endpoint could lead to an out-of-memory scenario as the Dashboard would attempt to retrieve all logs in the system. Tyk will now return an HTTP 400 Bad Request response if a non-integer value is provided. This fix mitigates the risk of accidentally or deliberately causing Tyk Dashboard to stop responding.
• Fixed a bug in the API Designer that prevented dragging to re-size the OPA editor.
• Fixed a bug where searching for a User in the Tyk Dashboard didn't match partial user names.
• Fixed a bug where Tyk Dashboard was unable to retrieve certificates from a Tyk Gateway if the Gateway version was <4.1 and Dashboard version was >=4.1. This was due to a change made in the 4.1 versions to the way certificate details are retrieved in dashboard; in the newer versions, we can view more detail of the certificates. Now you can use Tyk Dashboard with any version of the Tyk Gateway and still retrieve and view certificate details.
• Fixed a bug in the Tyk Classic API Designer where if you changed the protocol for an API (for example from HTTP to HTTPS) then the authentication mechanism would be automatically set to Authentication Token.
• Fixed a bug in the Tyk Classic API Designer where it was not possible to configure External OAuth authentication for an API using the Raw API Definition screen. The Dashboard would always set use_standard_auth to true, which actually enables Auth Token authentication.
• Fixed a bug with failed GQL subscriptions between the upstream and the Dashboard UI. When an upstream subscription was disconnected and later reconnected, the UI did not update to reflect the reconnection, preventing the seamless consumption of messages. Now the Dashboard UI can continue consuming messages after upstream reconnects.